1 /* 2 * at.c : Put file into atrun queue 3 * Copyright (C) 1993 Thomas Koenig 4 * 5 * Atrun & Atq modifications 6 * Copyright (C) 1993 David Parsons 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. The name of the author(s) may not be used to endorse or promote 15 * products derived from this software without specific prior written 16 * permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #define _USE_BSD 1 31 32 /* System Headers */ 33 #include <sys/types.h> 34 #include <sys/stat.h> 35 #include <sys/wait.h> 36 #include <ctype.h> 37 #include <dirent.h> 38 #include <errno.h> 39 #include <fcntl.h> 40 #include <pwd.h> 41 #include <signal.h> 42 #include <stddef.h> 43 #include <stdio.h> 44 #include <stdlib.h> 45 #include <string.h> 46 #include <time.h> 47 #include <unistd.h> 48 49 /* Local headers */ 50 #include "at.h" 51 #include "panic.h" 52 #include "parsetime.h" 53 #include "pathnames.h" 54 #define MAIN 55 #include "privs.h" 56 57 /* Macros */ 58 #define ALARMC 10 /* Number of seconds to wait for timeout */ 59 60 #define SIZE 255 61 #define TIMESIZE 50 62 63 /* File scope variables */ 64 static char rcsid[] = "$Id: at.c,v 1.2 1993/12/06 04:10:42 cgd Exp $"; 65 char *no_export[] = 66 { 67 "TERM", "TERMCAP", "DISPLAY", "_" 68 }; 69 static send_mail = 0; 70 71 /* External variables */ 72 extern char **environ; 73 int fcreated; 74 char *namep; 75 char atfile[FILENAME_MAX]; 76 77 char *atinput = (char *) 0; /* where to get input from */ 78 char atqueue = 0; /* which queue to examine for jobs (atq) */ 79 char atverify = 0; /* verify time instead of queuing job */ 80 81 /* Function declarations */ 82 static void sigc __P((int signo)); 83 static void alarmc __P((int signo)); 84 static char *cwdname __P((void)); 85 static void writefile __P((time_t runtimer, char queue)); 86 static void list_jobs __P((void)); 87 88 /* Signal catching functions */ 89 90 static void 91 sigc(signo) 92 int signo; 93 { 94 /* If the user presses ^C, remove the spool file and exit 95 */ 96 if (fcreated) { 97 PRIV_START 98 unlink(atfile); 99 PRIV_END 100 } 101 102 exit(EXIT_FAILURE); 103 } 104 105 static void 106 alarmc(signo) 107 int signo; 108 { 109 /* Time out after some seconds 110 */ 111 panic("File locking timed out"); 112 } 113 114 /* Local functions */ 115 116 static char * 117 cwdname() 118 { 119 /* Read in the current directory; the name will be overwritten on 120 * subsequent calls. 121 */ 122 static char *ptr = NULL; 123 static size_t size = SIZE; 124 125 if (ptr == NULL) 126 ptr = (char *) malloc(size); 127 128 while (1) { 129 if (ptr == NULL) 130 panic("Out of memory"); 131 132 if (getcwd(ptr, size - 1) != NULL) 133 return ptr; 134 135 if (errno != ERANGE) 136 perr("Cannot get directory"); 137 138 free(ptr); 139 size += SIZE; 140 ptr = (char *) malloc(size); 141 } 142 } 143 144 static void 145 writefile(runtimer, queue) 146 time_t runtimer; 147 char queue; 148 { 149 /* 150 * This does most of the work if at or batch are invoked for 151 * writing a job. 152 */ 153 int i; 154 char *ap, *ppos, *mailname; 155 struct passwd *pass_entry; 156 struct stat statbuf; 157 int fdes, lockdes, fd2; 158 FILE *fp, *fpin; 159 struct sigaction act; 160 char **atenv; 161 int ch; 162 mode_t cmask; 163 struct flock lock; 164 165 /* 166 * Install the signal handler for SIGINT; terminate after removing the 167 * spool file if necessary 168 */ 169 act.sa_handler = sigc; 170 sigemptyset(&(act.sa_mask)); 171 act.sa_flags = 0; 172 173 sigaction(SIGINT, &act, NULL); 174 175 strcpy(atfile, _PATH_ATJOBS); 176 ppos = atfile + strlen(_PATH_ATJOBS); 177 178 /* 179 * Loop over all possible file names for running something at this 180 * particular time, see if a file is there; the first empty slot at 181 * any particular time is used. Lock the file _PATH_LOCKFILE first 182 * to make sure we're alone when doing this. 183 */ 184 185 PRIV_START 186 187 if ((lockdes = open(_PATH_LOCKFILE, O_WRONLY | O_CREAT, 0600)) < 0) 188 perr2("Cannot open lockfile ", _PATH_LOCKFILE); 189 190 lock.l_type = F_WRLCK; 191 lock.l_whence = SEEK_SET; 192 lock.l_start = 0; 193 lock.l_len = 0; 194 195 act.sa_handler = alarmc; 196 sigemptyset(&(act.sa_mask)); 197 act.sa_flags = 0; 198 199 /* 200 * Set an alarm so a timeout occurs after ALARMC seconds, in case 201 * something is seriously broken. 202 */ 203 sigaction(SIGALRM, &act, NULL); 204 alarm(ALARMC); 205 fcntl(lockdes, F_SETLKW, &lock); 206 alarm(0); 207 208 for (i = 0; i < AT_MAXJOBS; i++) { 209 sprintf(ppos, "%c%8lx.%3x", queue, 210 (unsigned long) (runtimer / 60), i); 211 for (ap = ppos; *ap != '\0'; ap++) 212 if (*ap == ' ') 213 *ap = '0'; 214 215 if (stat(atfile, &statbuf) != 0) { 216 if (errno == ENOENT) 217 break; 218 else 219 perr2("Cannot access ", _PATH_ATJOBS); 220 } 221 } /* for */ 222 223 if (i >= AT_MAXJOBS) 224 panic("Too many jobs already"); 225 226 /* 227 * Create the file. The x bit is only going to be set after it has 228 * been completely written out, to make sure it is not executed in 229 * the meantime. To make sure they do not get deleted, turn off 230 * their r bit. Yes, this is a kluge. 231 */ 232 cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); 233 if ((fdes = creat(atfile, O_WRONLY)) == -1) 234 perr("Cannot create atjob file"); 235 236 if ((fd2 = dup(fdes)) < 0) 237 perr("Error in dup() of job file"); 238 239 if (fchown(fd2, real_uid, -1) != 0) 240 perr("Cannot give away file"); 241 242 PRIV_END 243 244 /* 245 * We no longer need suid root; now we just need to be able to 246 * write to the directory, if necessary. 247 */ 248 249 REDUCE_PRIV(0); 250 251 /* 252 * We've successfully created the file; let's set the flag so it 253 * gets removed in case of an interrupt or error. 254 */ 255 fcreated = 1; 256 257 /* Now we can release the lock, so other people can access it */ 258 lock.l_type = F_UNLCK; 259 lock.l_whence = SEEK_SET; 260 lock.l_start = 0; 261 lock.l_len = 0; 262 fcntl(lockdes, F_SETLKW, &lock); 263 close(lockdes); 264 265 if ((fp = fdopen(fdes, "w")) == NULL) 266 panic("Cannot reopen atjob file"); 267 268 /* 269 * Get the userid to mail to, first by trying getlogin(), which 270 * reads /etc/utmp, then from LOGNAME, finally from getpwuid(). 271 */ 272 mailname = getlogin(); 273 if (mailname == NULL) 274 mailname = getenv("LOGNAME"); 275 276 if ((mailname == NULL) || (mailname[0] == '\0') 277 || (strlen(mailname) > 8)) { 278 pass_entry = getpwuid(getuid()); 279 if (pass_entry != NULL) 280 mailname = pass_entry->pw_name; 281 } 282 283 if (atinput != (char *) NULL) { 284 fpin = freopen(atinput, "r", stdin); 285 if (fpin == NULL) 286 perr("Cannot open input file"); 287 } 288 fprintf(fp, "#! /bin/sh\n# mail %8s %d\n", mailname, send_mail); 289 290 /* Write out the umask at the time of invocation */ 291 fprintf(fp, "umask %lo\n", (unsigned long) cmask); 292 293 /* 294 * Write out the environment. Anything that may look like a special 295 * character to the shell is quoted, except for \n, which is done 296 * with a pair of "'s. Dont't export the no_export list (such as 297 * TERM or DISPLAY) because we don't want these. 298 */ 299 for (atenv = environ; *atenv != NULL; atenv++) { 300 int export = 1; 301 char *eqp; 302 303 eqp = strchr(*atenv, '='); 304 if (ap == NULL) 305 eqp = *atenv; 306 else { 307 int i; 308 309 for (i = 0;i < sizeof(no_export) / 310 sizeof(no_export[0]); i++) { 311 export = export 312 && (strncmp(*atenv, no_export[i], 313 (size_t) (eqp - *atenv)) != 0); 314 } 315 eqp++; 316 } 317 318 if (export) { 319 fwrite(*atenv, sizeof(char), eqp - *atenv, fp); 320 for (ap = eqp; *ap != '\0'; ap++) { 321 if (*ap == '\n') 322 fprintf(fp, "\"\n\""); 323 else { 324 if (!isalnum(*ap)) 325 fputc('\\', fp); 326 327 fputc(*ap, fp); 328 } 329 } 330 fputs("; export ", fp); 331 fwrite(*atenv, sizeof(char), eqp - *atenv - 1, fp); 332 fputc('\n', fp); 333 334 } 335 } 336 /* 337 * Cd to the directory at the time and write out all the commands 338 * the user supplies from stdin. 339 */ 340 fprintf(fp, "cd %s\n", cwdname()); 341 342 while ((ch = getchar()) != EOF) 343 fputc(ch, fp); 344 345 fprintf(fp, "\n"); 346 if (ferror(fp)) 347 panic("Output error"); 348 349 if (ferror(stdin)) 350 panic("Input error"); 351 352 fclose(fp); 353 354 /* 355 * Set the x bit so that we're ready to start executing 356 */ 357 if (fchmod(fd2, S_IRUSR | S_IWUSR | S_IXUSR) < 0) 358 perr("Cannot give away file"); 359 360 close(fd2); 361 fprintf(stderr, "Job %s will be executed using /bin/sh\n", ppos); 362 } 363 364 static void 365 list_jobs() 366 { 367 /* 368 * List all a user's jobs in the queue, by looping through 369 * _PATH_ATJOBS, or everybody's if we are root 370 */ 371 struct passwd *pw; 372 DIR *spool; 373 struct dirent *dirent; 374 struct stat buf; 375 struct tm runtime; 376 unsigned long ctm; 377 char queue; 378 time_t runtimer; 379 char timestr[TIMESIZE]; 380 int first = 1; 381 382 PRIV_START 383 384 if (chdir(_PATH_ATJOBS) != 0) 385 perr2("Cannot change to ", _PATH_ATJOBS); 386 387 if ((spool = opendir(".")) == NULL) 388 perr2("Cannot open ", _PATH_ATJOBS); 389 390 /* Loop over every file in the directory */ 391 while ((dirent = readdir(spool)) != NULL) { 392 if (stat(dirent->d_name, &buf) != 0) 393 perr2("Cannot stat in ", _PATH_ATJOBS); 394 395 /* 396 * See it's a regular file and has its x bit turned on and 397 * is the user's 398 */ 399 if (!S_ISREG(buf.st_mode) 400 || ((buf.st_uid != real_uid) && !(real_uid == 0)) 401 || !(S_IXUSR & buf.st_mode || atverify)) 402 continue; 403 404 if (sscanf(dirent->d_name, "%c%8lx", &queue, &ctm) != 2) 405 continue; 406 407 if (atqueue && (queue != atqueue)) 408 continue; 409 410 runtimer = 60 * (time_t) ctm; 411 runtime = *localtime(&runtimer); 412 strftime(timestr, TIMESIZE, "%X %x", &runtime); 413 if (first) { 414 printf("Date\t\t\tOwner\tQueue\tJob#\n"); 415 first = 0; 416 } 417 pw = getpwuid(buf.st_uid); 418 419 printf("%s\t%s\t%c%s\t%s\n", 420 timestr, 421 pw ? pw->pw_name : "???", 422 queue, 423 (S_IXUSR & buf.st_mode) ? "" : "(done)", 424 dirent->d_name); 425 } 426 PRIV_END 427 } 428 429 static void 430 delete_jobs(argc, argv) 431 int argc; 432 char **argv; 433 { 434 /* Delete every argument (job - ID) given */ 435 int i; 436 struct stat buf; 437 438 PRIV_START 439 440 if (chdir(_PATH_ATJOBS) != 0) 441 perr2("Cannot change to ", _PATH_ATJOBS); 442 443 for (i = optind; i < argc; i++) { 444 if (stat(argv[i], &buf) != 0) 445 perr(argv[i]); 446 if ((buf.st_uid != real_uid) && !(real_uid == 0)) { 447 fprintf(stderr, "%s: Not owner\n", argv[i]); 448 exit(EXIT_FAILURE); 449 } 450 if (unlink(argv[i]) != 0) 451 perr(argv[i]); 452 } 453 PRIV_END 454 } /* delete_jobs */ 455 456 /* Global functions */ 457 458 int 459 main(argc, argv) 460 int argc; 461 char **argv; 462 { 463 int c; 464 char queue = 'a'; 465 char *pgm; 466 467 enum { 468 ATQ, ATRM, AT, BATCH 469 }; /* what program we want to run */ 470 int program = AT; /* our default program */ 471 char *options = "q:f:mv"; /* default options for at */ 472 time_t timer; 473 474 RELINQUISH_PRIVS 475 476 /* Eat any leading paths */ 477 if ((pgm = strrchr(argv[0], '/')) == NULL) 478 pgm = argv[0]; 479 else 480 pgm++; 481 482 namep = pgm; 483 484 /* find out what this program is supposed to do */ 485 if (strcmp(pgm, "atq") == 0) { 486 program = ATQ; 487 options = "q:v"; 488 } else if (strcmp(pgm, "atrm") == 0) { 489 program = ATRM; 490 options = ""; 491 } else if (strcmp(pgm, "batch") == 0) { 492 program = BATCH; 493 options = "f:mv"; 494 } 495 496 /* process whatever options we can process */ 497 opterr = 1; 498 while ((c = getopt(argc, argv, options)) != EOF) 499 switch (c) { 500 case 'v': /* verify time settings */ 501 atverify = 1; 502 break; 503 504 case 'm': /* send mail when job is complete */ 505 send_mail = 1; 506 break; 507 508 case 'f': 509 atinput = optarg; 510 break; 511 512 case 'q': /* specify queue */ 513 if (strlen(optarg) > 1) 514 usage(); 515 516 atqueue = queue = *optarg; 517 if ((!islower(queue)) || (queue > 'l')) 518 usage(); 519 break; 520 521 default: 522 usage(); 523 break; 524 } 525 /* end of options eating */ 526 527 /* select our program */ 528 switch (program) { 529 case ATQ: 530 531 REDUCE_PRIV(0); 532 533 list_jobs(); 534 break; 535 536 case ATRM: 537 538 REDUCE_PRIV(0); 539 540 delete_jobs(argc, argv); 541 break; 542 543 case AT: 544 timer = parsetime(argc, argv); 545 if (atverify) { 546 struct tm *tm = localtime(&timer); 547 548 fprintf(stderr, "%s\n", asctime(tm)); 549 } 550 writefile(timer, queue); 551 break; 552 553 case BATCH: 554 writefile(time(NULL), 'b'); 555 break; 556 557 default: 558 panic("Internal error"); 559 break; 560 } 561 exit(EXIT_SUCCESS); 562 } 563